Org.xwiki.platform

228 tracked vulnerabilities.

CVE-2026-26000 MEDIUM
XWiki Platform <17.9.0, <17.4.6, <16.10.13 - XSS
Feb 12, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-24128 MEDIUMNUCLEI
XWiki Platform <17.7.0 - XSS
Jan 24, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-66473 HIGH
XWiki <17.6.0 - Info Disclosure
Dec 10, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-66472 MEDIUMNUCLEI
XWiki Platform <16.10.9, <17.0.0-rc-1 to <17.4.1 - XSS
Dec 10, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-55749 HIGHNUCLEI
XWiki <16.10.11, 17.4.4, 17.7.0 - Info Disclosure
Dec 01, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-52472 NUCLEI
Org.xwiki.platform Xwiki-platform-rest-server < 17.4.2 - SQL Injection
Oct 06, 2025
EPSS 0.00
CVE-2025-55748 HIGHNUCLEI
XWiki Platform <16.10.6 - Info Disclosure
Sep 03, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-55747 CRITICALNUCLEI
XWiki Platform <16.10.6 - Info Disclosure
Sep 03, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-58049 MEDIUM
XWiki Platform <16.4.8-17.4.0-rc-1 - Info Disclosure
Aug 28, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-54125 MEDIUMNUCLEI
XWiki Platform <17.1.0 - Info Disclosure
Aug 06, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-54124 MEDIUM
XWiki Platform <17.1.0 - Info Disclosure
Aug 06, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-32430 MEDIUMNUCLEI
XWiki Platform - Cross-Site Scripting
Aug 06, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-54385 CRITICAL
Xwiki < 16.10.6 - Improper Input Validation
Jul 26, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-32429 CRITICALNUCLEI
XWiki Platform - SQL Injection
Jul 24, 2025
CVSS 9.8
EPSS 0.32
CVE-2025-49587 HIGH
Xwiki < 15.10.16 - XSS
Jun 13, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-49586 HIGH
Xwiki < 16.4.7 - Incorrect Authorization
Jun 13, 2025
CVSS 8.8
EPSS 0.05
CVE-2025-49585 HIGH
XWiki <15.10.16, 16.0.0-rc-1-16.4.6, 16.5.0-rc-1-16.10.1 - Code Inj...
Jun 13, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-49584 HIGH
XWiki <16.4.6, 16.5.0-rc-1, 16.10.2, 17.0.0-rc-1 - Info Disclosure
Jun 13, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-49583 LOW
XWiki - Info Disclosure
Jun 13, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-49582 HIGH
Xwiki < 16.4.7 - Remote Code Execution
Jun 13, 2025
CVSS 8.0
EPSS 0.01
CVE-2025-49581 HIGH
XWiki - RCE
Jun 13, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-49580 HIGH
Xwiki < 16.4.7 - Incorrect Privilege Assignment
Jun 13, 2025
CVSS 8.0
EPSS 0.00
CVE-2024-56158 CRITICAL
Xwiki < 15.10.16 - SQL Injection
Jun 12, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-48063 HIGH
Xwiki < 16.10.4 - Improper Authorization
May 21, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-46557 CRITICAL
XWiki <15.10.14, <16.4.6, <16.10.0-rc-1 - Privilege Escalation
Apr 30, 2025
CVSS 9.8
EPSS 0.00
Products
xwiki-platform-oldcore 43 xwiki-platform-web-templates 22 xwiki-platform-web 15 xwiki-platform-administration-ui 11 xwiki-platform-rest-server 10 xwiki-platform-flamingo-skin-resources 6 xwiki-platform-appwithinminutes-ui 5 xwiki-platform-distribution-war 5 xwiki-platform-attachment-ui 4 xwiki-platform-flamingo-theme-ui 4 xwiki-platform-skin-skinx 4 xwiki-platform-wiki-ui-mainwiki 4 xwiki-platform-livetable-ui 4 xwiki-platform-scheduler-ui 4 xwiki-platform-search-ui 4 xwiki-platform-notifications-ui 4 xwiki-platform-icon-ui 3 xwiki-platform-search-solr-api 3 xwiki-platform-panels-ui 3 xwiki-platform-invitation-ui 3 xwiki-platform-legacy-oldcore 3 xwiki-platform-security-requiredrights-default 3 xwiki-platform-rendering-wikimacro-store 2 xwiki-platform-rendering-xwiki 2 xwiki-platform-rendering-async-macro 2 xwiki-platform-help-ui 2 xwiki-platform-rendering-macro-context 2 xwiki-platform-search-solr-ui 2 xwiki-platform-administration 2 xwiki-platform-notifications-notifiers-default 2
Quick Filters
Critical CVEs With Exploits In CISA KEV